search cancel

Failed to obtain encoded certificate size.Failure code:-2146893816

book

Article ID: 163283

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

Customer is trying to install SMP 8.0 and then HF1.

The customer starts the process and SIM installs all the necessary MSIs but as soon as it starts configuring (somewhere around step 9 during
configuration), it fails.
The customer then stays in a misconfigured state and repairs or direct reconfiguration doesn't pass the error mentioned below.

The messages and errors noticed are:

Entry 1:
Configuring product: D:\Program Files\Altiris\Notification Server\Config\CoreSolution.config
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:02 PM, Tick Count: 2238239 (00:37:18.2390000),
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 4, Source:
Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProductInternal

Entry 2:
Operation started: Installing Cryptography: 'Notification Server' (a18da391-b2dc-4bbd-83a9-84b2fdfd6f9f) ...
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:13 PM, Tick Count: 2248863 (00:37:28.8630000), Host
Name: YYCBVVMALTIRIS2, Size: 330 B
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 4, Source: InstallProduct_Crypto

Entry 3:
Failed to obtain encoded certificate size.Failure code:-2146893816
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:13 PM, Tick Count: 2249238 (00:37:29.2380000),
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 1, Source:
Altiris.NS.Security.Cryptography.CryptoHelper.NSCertificateManager.GenerateWin32Exception

Entry 4:
Cetificate generation failed with exception.
Invalid algorithm specified
   [System.ComponentModel.Win32Exception @ Altiris.NS]
   at Altiris.NS.Security.Cryptography.CryptoHelper.NSCertificateManager.GenerateCertificate()

Exception logged from:
   at Altiris.NS.Security.Cryptography.CryptoHelper.NSCertificateManager.GenerateCertificate()
   at Altiris.NS.Security.Cryptography.CertificateManager.CreateSelfSignCACertificate(X500DistinguishedName subject, CertificateUsageFlags certificateUsage,
Boolean bSkipAlternateNames)
   at Altiris.NS.Security.Cryptography.CertificateManager.ConfigureCAs(XmlNodeListcaNodes)
   at Altiris.NS.StandardItems.Product.ProductInstallation.Execute(String taskKey, String description, XmlNode node, String xPath, Action`1 actus)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct_Crypto(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct()
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.InstallProduct()
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProductInternal(String configFile, Boolean ownsProgressContext, SerializationMode serializationMode)
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProduct()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext
executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:13 PM, Tick Count: 2249238 (00:37:29.2380000),
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 1, Source:
Altiris.NS.Security.Cryptography.CryptoHelper.NSCertificateManager.GenerateCertificate

Entry 5:
Operation completed: Installing Cryptography: 'Notification Server'
(a18da391-b2dc-4bbd-83a9-84b2fdfd6f9f), total time=00:00:00.3935398
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:13 PM, Tick Count: 2249253 (00:37:29.2530000),
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 4, Source: InstallProduct_Crypto

Entry 6:
Failed to install product.
Upgrade of database, post install, was not fully successfull.
   [Altiris.NS.Exceptions.AeXException @ Altiris.NS.StandardItems]
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct()

Invalid algorithm specified
   [System.ComponentModel.Win32Exception @ Altiris.NS]
   at Altiris.NS.Security.Cryptography.CryptoHelper.NSCertificateManager.GenerateCertificate()
   at Altiris.NS.Security.Cryptography.CertificateManager.CreateSelfSignCACertificate(X500DistinguishedName subject, CertificateUsageFlags certificateUsage, Boolean bSkipAlternateNames)
   at Altiris.NS.Security.Cryptography.CertificateManager.ConfigureCAs(XmlNodeListcaNodes)
   at Altiris.NS.StandardItems.Product.ProductInstallation.Execute(String taskKey, String description, XmlNode node, String xPath, Action`1 actus)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct_Crypto(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.OnInstallProduct(XmlNode installationNode)

Exception logged from:
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct()
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.InstallProduct()
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProductInternal(String configFile, Boolean ownsProgressContext, SerializationMode serializationMode)
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProduct()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:13 PM, Tick Count: 2249269 (00:37:29.2690000),
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 1, Source:
Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct

Entry 7:
Failed to install the product from the file: D:\Program
Files\Altiris\Notification Server\Config\CoreSolution.config
Upgrade of database, post install, was not fully successfull.
   [Altiris.NS.Exceptions.AeXException @ Altiris.NS.StandardItems]
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct()
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.InstallProduct()
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProductInternal(String configFile, Boolean ownsProgressContext, SerializationMode
serializationMode)

Invalid algorithm specified
   [System.ComponentModel.Win32Exception @ Altiris.NS]
   at Altiris.NS.Security.Cryptography.CryptoHelper.NSCertificateManager.GenerateCertificate()
   at Altiris.NS.Security.Cryptography.CertificateManager.CreateSelfSignCACertificate(X500DistinguishedName subject, CertificateUsageFlags certificateUsage, Boolean bSkipAlternateNames)
   at Altiris.NS.Security.Cryptography.CertificateManager.ConfigureCAs(XmlNodeListcaNodes)
   at Altiris.NS.StandardItems.Product.ProductInstallation.Execute(String taskKey, String description, XmlNode node, String xPath, Action`1 actus)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct_Crypto(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.OnInstallProduct(XmlNode installationNode)

Exception logged from:
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProductInternal(String configFile, Boolean ownsProgressContext, SerializationMode serializationMode)
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProduct()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:14 PM, Tick Count: 2250142 (00:37:30.1420000),
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 1, Source:
Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProductInternal


Entry 8:
Failed to configure: D:\Program Files\Altiris\Notification Server\Config\CoreSolution.config
Upgrade of database, post install, was not fully successfull.
   [Altiris.NS.Exceptions.AeXException @ Altiris.NS.StandardItems]
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct()
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.InstallProduct()
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProductInternal(String configFile, Boolean ownsProgressContext, SerializationMode
serializationMode)
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProduct()

Invalid algorithm specified
   [System.ComponentModel.Win32Exception @ Altiris.NS]
   at Altiris.NS.Security.Cryptography.CryptoHelper.NSCertificateManager.GenerateCertificate()
   at Altiris.NS.Security.Cryptography.CertificateManager.CreateSelfSignCACertificate(X500DistinguishedName subject, CertificateUsageFlags certificateUsage,
Boolean bSkipAlternateNames)
   at Altiris.NS.Security.Cryptography.CertificateManager.ConfigureCAs(XmlNodeListcaNodes)
   at Altiris.NS.StandardItems.Product.ProductInstallation.Execute(String
taskKey, String description, XmlNode node, String xPath, Action`1 actus)
   at Altiris.NS.StandardItems.Product.ProductInstallation.InstallProduct_Crypto(X
mlNode installationNode)
   at Altiris.NS.StandardItems.Product.ProductInstallation.OnInstallProduct(XmlNode installationNode)
   at Altiris.NS.StandardItems.Product.CoreSolutionInstallation.OnInstallProduct(XmlNode installationNode)

Exception logged from:
   at Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProduct()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean
preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()
-----------------------------------------------------------------------------------------------------
Date: 5/11/2016 5:06:14 PM, Tick Count: 2250142 (00:37:30.1420000),
Process: AeXSvc (5320), Thread ID: 33, Module: AeXSVC.exe
Priority: 1, Source:
Altiris.NS.Installation.ProductConfigurationWorker.ConfigureProduct

Cause

Enviromental issue. This environment certificates with SHA256 signature can't be created. There was a problem with installed cryptographic providers.

One Environment that this issue was caused by the installation of Entrust Encryption Software.  It was necessary to remove the registry key to get install ITMS. 

Resolution

You can find how to determine CSP list on server here:
http://hintdesk.com/c-how-to-fix-invalid-algorithm-specified-when-signing-with-sha256/

Review the "How do I know that CSP of my certificate supports SHA256?" section.
If ProviderType 24 is missing - then this is the reason of this failure during installation.

If Provider type 24 existed already, the solution is to delete the following key from registry:

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.2.840.113549.1.1.11!4"

Then try to install one more time.